-
Notifications
You must be signed in to change notification settings - Fork 30
/
Copy pathmongo-ha.yaml
234 lines (233 loc) · 7.58 KB
/
mongo-ha.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
---
kind: Template
apiVersion: v1
metadata:
name: forms-flow-db
labels:
app: forms-flow-db
annotations:
description: "MongoDB database running as replicate set"
tags: "mongodb,replication"
parameters:
- name: MEMORY_REQUEST
description: Amount of Memory to Request.
displayName: Memory Request
required: true
- name: MEMORY_LIMIT
description: Amount of Memory to Limit.
displayName: Memory Limit
required: true
- name: CPU_REQUEST
description: Amount of CPU to Request.
displayName: Memory Request
required: true
- name: CPU_LIMIT
description: Amount of CPU to Limit.
displayName: Memory Limit
required: true
- name: MONGODB_SERVICE_NAME
description: Name of the MongoDB Service
displayName: MongoDB Service Name
value: "hamongo"
required: true
- name: MONGODB_REPLICAS
description: Number of MongoDB replica pods
displayName: MongoDB Replicas
value: "3"
required: true
- name: MONGODB_PASSWORD
displayName: "MongoDB Connection Password"
description: "Password for the MongoDB connection user."
generate: expression
from: "[a-zA-Z0-9]{16}"
required: true
- name: MONGODB_ADMIN_PASSWORD
displayName: "MongoDB Admin Password"
description: "Password for the database admin user."
generate: expression
from: "[a-zA-Z0-9]{16}"
required: true
- name: MONGODB_SECRET_NAME
displayName: MongoDB Secret.
description: Name of the Secret containing MongoDB Assets
value: "mongodb-creds"
required: true
- name: MONGODB_USER
displayName: "MongoDB Connection Username"
description: "Username for MongoDB user that will be used for accessing the database."
generate: expression
from: "[a-zA-Z0-9]{5}"
required: true
- name: MONGODB_REPLICA_NAME
displayName: "Replica Set Name"
description: "The name of the replica set."
value: "rs0"
required: true
- name: MONGODB_KEYFILE_VALUE
displayName: "Keyfile Content"
description: "The value of the MongoDB keyfile (https://docs.mongodb.com/manual/core/security-internal-authentication/#internal-auth-keyfile)."
generate: expression
from: "[a-zA-Z0-9]{255}"
required: true
- name: MONGODB_IMAGE
displayName: "MongoDB Docker Image"
description: "A reference to a supported MongoDB Docker image."
value: registry.redhat.io/rhscl/mongodb-36-rhel7
required: true
- name: MONGODB_IMAGE_TAG
description: Name of the MongoDB tag that should be used
displayName: MongoDB Tag
value: "1"
required: true
- name: VOLUME_CAPACITY
displayName: "Volume Capacity for MongoDB"
description: "Volume space available for data, e.g. 512Mi, 2Gi."
required: true
- name: SC_MONGO
description: The Storage Class for the MongoDB
displayName: Storage Class for MongoDB
required: true
- name: MONGODB_DATABASE
displayName: "MongoDB Database Name"
description: "Name of the MongoDB database accessed."
value: forms-flow-db
required: true
objects:
- kind: Secret
apiVersion: v1
metadata:
name: ${MONGODB_SECRET_NAME}
labels:
app: formio-chat-mongodb
stringData:
database: ${MONGODB_DATABASE}
username: "${MONGODB_USER}"
password: "${MONGODB_PASSWORD}"
admin-username: "admin"
admin-password: "${MONGODB_ADMIN_PASSWORD}"
mongo-url: "mongodb://${MONGODB_USER}:${MONGODB_PASSWORD}@${MONGODB_SERVICE_NAME}:27017/${MONGODB_DATABASE}?replicaSet=${MONGODB_REPLICA_NAME}"
mongo-oplog-url: "mongodb://admin:${MONGODB_ADMIN_PASSWORD}@${MONGODB_SERVICE_NAME}:27017/local?authSource=admin&replicaSet=${MONGODB_REPLICA_NAME}"
- kind: Service
apiVersion: v1
metadata:
name: "${MONGODB_SERVICE_NAME}"
labels:
app: forms-flow-db
spec:
ports:
- name: mongodb
port: 27017
selector:
statefulset: "${MONGODB_SERVICE_NAME}"
- kind: Service
apiVersion: v1
metadata:
name: "${MONGODB_SERVICE_NAME}-internal"
labels:
app: forms-flow-db
annotations:
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
clusterIP: None
ports:
- name: mongodb
port: 27017
selector:
statefulset: "${MONGODB_SERVICE_NAME}"
- kind: StatefulSet
apiVersion: apps/v1
metadata:
name: "${MONGODB_SERVICE_NAME}"
labels:
app: forms-flow-db
spec:
selector:
matchLabels:
statefulset: ${MONGODB_SERVICE_NAME}
serviceName: "${MONGODB_SERVICE_NAME}-internal"
replicas: ${{MONGODB_REPLICAS}}
template:
metadata:
labels:
app: forms-flow-db
statefulset: ${MONGODB_SERVICE_NAME}
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: name
operator: In
values:
- ${MONGODB_SERVICE_NAME}
topologyKey: "kubernetes.io/hostname"
containers:
- name: mongo-container
image: "${MONGODB_IMAGE}:${MONGODB_IMAGE_TAG}"
ports:
- containerPort: 27017
args:
- "run-mongod-replication"
volumeMounts:
- name: mongo-data
mountPath: "/var/lib/mongodb/data"
env:
- name: MONGODB_USER
valueFrom:
secretKeyRef:
key: username
name: "${MONGODB_SECRET_NAME}"
- name: MONGODB_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: "${MONGODB_SECRET_NAME}"
- name: MONGODB_DATABASE
valueFrom:
secretKeyRef:
key: database
name: "${MONGODB_SECRET_NAME}"
- name: MONGODB_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: admin-password
name: "${MONGODB_SECRET_NAME}"
- name: MONGO_OPLOG_URL
valueFrom:
secretKeyRef:
key: mongo-oplog-url
name: "${MONGODB_SECRET_NAME}"
- name: MONGODB_REPLICA_NAME
value: "${MONGODB_REPLICA_NAME}"
- name: MONGODB_KEYFILE_VALUE
value: "${MONGODB_KEYFILE_VALUE}"
- name: MONGODB_SERVICE_NAME
value: "${MONGODB_SERVICE_NAME}-internal"
resources:
limits:
memory: "${MEMORY_LIMIT}"
cpu: "${CPU_LIMIT}"
requests:
memory: "${MEMORY_REQUEST}"
cpu: "${CPU_REQUEST}"
exec:
command:
- /bin/sh
- '-i'
- '-c'
- >-
mongo 127.0.0.1:27017/$MONGODB_DATABASE -u $MONGODB_USER -p
$MONGODB_PASSWORD --eval="quit()"
volumeClaimTemplates:
- metadata:
name: mongo-data
labels:
name: "${MONGODB_SERVICE_NAME}"
app: forms-flow-db
spec:
accessModes: [ ReadWriteOnce ]
storageClassName: "${SC_MONGO}"
resources:
requests:
storage: "${VOLUME_CAPACITY}"